This is one of the big issues that I can think of, and Quantum Vibe points out, is that if you have your backup somewhere that isn’t under your direct control-it can be taken by someone.
And, ruining your credit record is the least bad thing.
What is the general policy on off-site backups for the Eldrae?
The risk of off-site backups is acknowledged, but in general, it’s considered lesser to the risk of not having off-site backups. Single point of failure, and all that.
In short, the risk is controlled - for smart people - by having backup storage providers who both have sterling reputations for probity, and very talented security professionals on staff. (Most people use one of these providers for their off-site backups, because designing your own backup-protection system tends to have the same problem as rolling your own encryption does today; namely, you’re not as good at it as the professionals.)
So, if you look at Crystal Flame, ICC, for example, they have multiple storage locations, and held backups are encrypted, split up into one-third XORs, and randomly assigned to multiple locations. The index itself is similarly encrypted and kept off-site. Everyone with direct or indirect access to the backups is a Cilmínár professional, and commands have to be three-soph-rule verified by multiple personnel at multiple sites. Audit logs, to which the working personnel have no access, are written directly to write-once storage.
Don’t even ask what the physical security is like.
Capable would be my first assumption on the capability of the security as well. My bet is there is always open hiring slots for former military and very-high trust mercenaries willing to be positively vetted.